SOC 2 Type 2 for TheHive Cloud Platform: mission complete!

At StrangeBee, we’re committed to delivering a secure and reliable Security Case Management solution through TheHive Cloud Platform (THCP). Today, we’re thrilled to share a significant milestone in that commitment: the completion of our SOC 2 Type 2 assessment by Deloitte.

SOC, or “System & Organization Controls,” is a framework established by the American Institute of Certified Public Accountants (AICPA). It involves a series of audit reports performed by independent auditors. Specifically, SOC 2 focuses on assessing the controls service providers put in place to ensure the security of their offerings.

To undergo a SOC 2 audit, a company must design controls aligned with the AICPA Trust Services Criteria and demonstrate their consistent operation.

The completion of the assessment reinforces StrangeBee’s commitment to THCP through:

The report confirms that both the design and operational effectiveness of StrangeBee’s controls for THCP align with the AICPA Trust Services Criteria and support the standards expected in the industry.

Deloitte reviewed StrangeBee’s controls for THCP starting in December, completing the assessment this February. Every control was carefully examined and tested to confirm it operates as intended.

In May of last year, THCP successfully completed its SOC 2 Type 1 assessment, also conducted by Deloitte. The evaluation verified that the design of our internal controls supports our systems’ security and the protection of customer data.

The completion of the assessment strengthens StrangeBee’s relationship of trust with its customers through:

This internationally recognized report demonstrates our dedication to upholding Service Level Agreements (SLAs). Users of THCP can rely on our platform’s consistent operation in accordance with these SLAs.

The report also simplifies third-party risk management processes for customers by providing verified insights into the StrangeBee’s controls. This reduces the need for ad hoc assessments, offering customers greater confidence in addressing their security inquiries.

SOC 2 is widely recognized as a best practice for security in SaaS and cloud providers, and many regulations indirectly require or strongly encourage third-party security assessments.